[rabbitmq-discuss] Choosing SASL authentication mechanism
Jiri Krutil
jiri at krutil.com
Mon Feb 28 16:25:00 GMT 2011
Hi
When experimenting with the rabbitmq-auth-mechanism-ssl plugin, we
have seen a strange inconsistency in which SASL mechanism is chosen
for client authentication on different broker installations.
We have two instances of the 2.3.1 broker installed on different boxes
by different people. Both brokers are configured to use PLAIN,
AMQPLAIN and EXTERNAL mechanisms.
We are connecting to both brokers using the same Java client (version
2.3.1). The Java client uses the default SASL configuration.
When trying to connect, one broker uses the EXTERNAL mechanism as
expected. But the other broker uses PLAIN authentication (which fails
on invalid user/password).
When we override the default SaslConfig on the client side with a
config that only has EXTERNAL in the mechanisms list, then both
brokers use EXTERNAL and things work fine.
So my questions are:
- How does the broker choose the SASL mechanism to be used?
- What installation or configuration mistakes could affect this decision?
Cheers
Jiri
More information about the rabbitmq-discuss
mailing list